127 lines
3.0 KiB
Go
127 lines
3.0 KiB
Go
package main
|
|
|
|
import (
|
|
"flag"
|
|
"fmt"
|
|
"log"
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/knqyf263/vuln-list-update/alpine"
|
|
|
|
"github.com/knqyf263/vuln-list-update/debian"
|
|
"github.com/knqyf263/vuln-list-update/git"
|
|
"github.com/knqyf263/vuln-list-update/nvd"
|
|
debianoval "github.com/knqyf263/vuln-list-update/oval/debian"
|
|
"github.com/knqyf263/vuln-list-update/redhat"
|
|
"github.com/knqyf263/vuln-list-update/ubuntu"
|
|
"github.com/knqyf263/vuln-list-update/utils"
|
|
|
|
"golang.org/x/xerrors"
|
|
)
|
|
|
|
const (
|
|
repoURL = "https://%s@github.com/knqyf263/vuln-list.git"
|
|
)
|
|
|
|
var (
|
|
target = flag.String("target", "", "update target (nvd, alpine, redhat, debian, ubuntu)")
|
|
years = flag.String("years", "", "update years (only redhat)")
|
|
)
|
|
|
|
func main() {
|
|
if err := run(); err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func run() error {
|
|
flag.Parse()
|
|
now := time.Now().UTC()
|
|
|
|
// Embed GitHub token to URL
|
|
githubToken := os.Getenv("GITHUB_TOKEN")
|
|
url := fmt.Sprintf(repoURL, githubToken)
|
|
|
|
if _, err := git.CloneOrPull(url, utils.VulnListDir()); err != nil {
|
|
return xerrors.Errorf("clone or pull error: %w", err)
|
|
}
|
|
|
|
var commitMsg string
|
|
switch *target {
|
|
case "nvd":
|
|
if err := nvd.Update(now.Year()); err != nil {
|
|
return xerrors.Errorf("error in NVD update: %w", err)
|
|
}
|
|
commitMsg = "NVD"
|
|
case "redhat":
|
|
var yearList []int
|
|
for _, y := range strings.Split(*years, ",") {
|
|
yearInt, err := strconv.Atoi(y)
|
|
if err != nil {
|
|
return xerrors.Errorf("invalid years: %w", err)
|
|
}
|
|
yearList = append(yearList, yearInt)
|
|
}
|
|
if len(yearList) == 0 {
|
|
return xerrors.New("years must be specified")
|
|
}
|
|
if err := redhat.Update(yearList); err != nil {
|
|
return err
|
|
}
|
|
commitMsg = "RedHat " + *years
|
|
case "debian":
|
|
if err := debian.Update(); err != nil {
|
|
return xerrors.Errorf("error in Debian update: %w", err)
|
|
}
|
|
commitMsg = "Debian Security Bug Tracker"
|
|
case "debian-oval":
|
|
if err := debianoval.Update(); err != nil {
|
|
return xerrors.Errorf("error in Debian OVAL update: %w", err)
|
|
}
|
|
commitMsg = "Debian OVAL"
|
|
case "ubuntu":
|
|
if err := ubuntu.Update(); err != nil {
|
|
return xerrors.Errorf("error in Debian update: %w", err)
|
|
}
|
|
commitMsg = "Ubuntu CVE Tracker"
|
|
case "alpine":
|
|
if err := alpine.Update(); err != nil {
|
|
return xerrors.Errorf("error in Alpine update: %w", err)
|
|
}
|
|
commitMsg = "Alpine Issue Tracker"
|
|
default:
|
|
return xerrors.New("unknown target")
|
|
}
|
|
|
|
if err := utils.SetLastUpdatedDate(*target, now); err != nil {
|
|
return err
|
|
}
|
|
|
|
log.Println("git status")
|
|
files, err := git.Status(utils.VulnListDir())
|
|
if err != nil {
|
|
return xerrors.Errorf("failed to git status: %w", err)
|
|
}
|
|
|
|
// only last_updated.json
|
|
if len(files) < 2 {
|
|
log.Println("Skip commit and push")
|
|
return nil
|
|
}
|
|
|
|
log.Println("git commit")
|
|
if err = git.Commit(utils.VulnListDir(), "./", commitMsg); err != nil {
|
|
return xerrors.Errorf("failed to git commit: %w", err)
|
|
}
|
|
|
|
log.Println("git push")
|
|
if err = git.Push(utils.VulnListDir(), "master"); err != nil {
|
|
return xerrors.Errorf("failed to git push: %w", err)
|
|
}
|
|
|
|
return nil
|
|
}
|